voice-call
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection by accepting message content for voice calls without sanitization. * Ingestion points: message parameter in initiate_call, continue_call, and speak_to_user tool actions. * Boundary markers: None identified. * Capability inventory: Voice call initiation and management. * Sanitization: None identified.
- SAFE (SAFE): No other threats were detected. All configuration keys for Twilio, Telnyx, and Plivo are correctly identified as metadata requirements rather than hardcoded secrets, and no external code downloads or remote execution patterns are present.
Audit Metadata